Full remove certbot from windows server + xampp

I have remove my certbot ssl using this command certbot delete --cert-name (because i must change the ssl with new wildcard) but i have ran the command, my site is still running using ssl from letsencrypt. How i can fully removed and start using new SSL ?

SOLVED.
Forget to configure the httpd-vhost.

To fully remove certbot you uninstall the app and delete the schedule task but this will not affect your actual Apache web server config.

To remove the certificate from Apache, edit the SSL config in your apache config file for this site. It will have a line mentioning SSLCertificateFile, you need to repoint the SSL related config to your new certificate as provided by the alternative app you have chosen. [Then restart apache]

3 Likes

Hi @webprofusion thank you for you reply.

I have to try what are you tell it, but like not working. I have configure the new SSL from httpd-ssl.conf from the path SSLCertificateFile and restart the apache , but still the SSL status is using Letsencrypt not the new one. Any solution sir?

edited, here my httpd-ssl.conf

DocumentRoot "C:/xampp/htdocs/mydocs"
ServerName sub.mydomain.com
ServerAlias www.sub.mydomain.com
ServerAdmin admin@example.com
ErrorLog "C:/xampp/apache/logs/error.log"
TransferLog "C:/xampp/apache/logs/access.log"
SSLCertificateFile "C:/xampp/apache/ssl/ssl.crt"
SSLCertificateKeyFile "C:/xampp/apache/ssl/privateKey.key"
SSLCACertificateFile "C:/xampp/apache/ssl/ssl.ca-bundle"
1 Like

Are you at the right IP?
Is there another system terminating TLS?
Have you tried rebooting the server?

2 Likes

Is that the conf file for your smkpk.ditpsmk.net domain?

Because I do not see that domain in the ServerName or ServerAlias

2 Likes

Hi @rg305 , yes i am in the right server & IP
I have tried rebooting the server but nothing happend..still same letsencrypt SSL

Hi @MikeMcQ
yes the configure is same using my domain xxxx.domain.com, im sorry i forget im renaming the domain name after paste the config right here :smile:

Search your C: drive for all files containing SSLCertificateFile, either one of them is pointing to the wrong place, your certificate files are the wrong files, or your Apache has not properly restarted. There's no magic involved, just configuration :slight_smile:

3 Likes

I have check all of files containing SSLCertificateFile but still no luck. I have tried on 2nd server (I haven't installed letsencrypt or other SSL before) i just configure what inside httpd-ssl.conf same like in 1st server, i restart the apache, and it's working normally started with new SSL . But in the 1st server still no luck, always pointing to Letsencrypt SSL . @webprofusion

Try rebooting the machine, but also paste the content of C:/xampp/apache/ssl/ssl.crt into Report URI: PEM Decoder to check it's the right certificate.

2 Likes

I have try rebooting the machine, and check the certificate is valid & same like my domain. But still nothing happend, still pointing to Letsencrypt SSL :frowning:

Edited:
my SSL type is wildcard btw.

Just to clarify - your the .crt file shows in the PEM Decoder as being for the wildcard *.ditpsmk.net - not just smkpk.ditsmk.net?

2 Likes

Yes wildcard for *.domain.com , not just domain.com sir. Any idea?

Which server is reached via HTTP from the Internet?

1 Like

both server can reached via HTTP .

Is there just one server that responds to smkpk.ditpsmk.net or do you have any kind of load balancing etc? You mentioned trying on a 2nd server.

1 Like

My 1st server belongs to xxxx.domain.com , my 2nd server is belong to another domain.
For the 2nd server is normally setup with my new SSL , but my 1st server is still stuck pointing to Letsencrypt SSL.

And you're absolutely sure the server you are changing is the 103.40.55.191 one that serves this site? It's fairly common to find you are making changes on your development server instead of your production server. A good test is to temporarily stop Apache, then try accessing your website again and if it still works then you're definitely working on the wrong server.

Apache just picks up the cert file that the config points to, so if it's still serving the wrong thing (and you have restarted) then the config simply points to the wrong file. You may be editing a different config file to the one that actually applies.

3 Likes

Finally, i forget to setup the httpd-vhost.
Now it solved, thank you so much!

Hi all,
Thank you for your helping me out. Can you all guys remove my domain from this topic? for a something reason.

Thank you !!!! :innocent:

cc:
@webprofusion @MikeMcQ

Not solved. Still see same LE cert from your server as before.
Use site like this to confirm: SSL Checker

2 Likes